Конфиг самбы , самба член домена KAR, drychkov юзер домена и админ:
[global]
workgroup = KAR
realm = KAR.LOCAL
server string = comp1
security = ADS
map to guest = Bad User
obey pam restrictions = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
dns proxy = No
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
winbind refresh tickets = Yes
[home]
comment = home
path = /var/share
valid users = KAR\drychkov
read only = No
guest ok = Yes
[printers]
comment = All Printers
path = /var/spool/samba
read only = No
create mask = 0777
guest ok = Yes
printable = Yes
browseable = No
browsable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
read only = No
guest ok = Yes
Вот так все работает :
# net rpc rights grant Everyone SePrintOperatorPrivilege
Enter root's password:
Successfully granted rights.
# net rpc rights grant Everyone SePrintOperatorPrivilege -U drychkov
Enter drychkov's password:
Successfully granted rights.
А вот так:
# net rpc rights grant drychkov SePrintOperatorPrivilege
Enter root's password:
Failed to grant privileges for drychkov (NT_STATUS_ACCESS_DENIED)
PS пользователь drychkov без проблем подключается по ssh к серверу, и в папку [home] заходит, так что вроде самба и винбинд нормально работают.
# wbinfo -t
checking the trust secret via RPC calls succeeded
Так же выдают группы и пользователей комманды: # wbinfo -g # wbinfo -u
